US and UK Release Joint Guidelines for Secure AI System | Australian regulator calls for new competition laws for digital platforms | Inside U.S. efforts to untangle an A.I. giant’s ties to China
Good morning. It's Tuesday 28th November.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
Taking a significant step forward in addressing the intersection of artificial intelligence and cybersecurity, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the United Kingdom’s National Cyber Security Centre today jointly released Guidelines for Secure AI System Development to help developers of any systems that use AI make informed cybersecurity decisions at every stage of the development process. Cybersecurity and Infrastructure Security Agency
Australia's competition watchdog said on Monday new competition laws were required in response to the rapid expansion of digital platforms such as Amazon, Apple, Google, Meta, and Microsoft in the country. The Australian Competition and Consumer Commission in its latest report for the Digital Platform Services Inquiry raised concerns that the expansion of these platforms has increased the risk of them engaging in harmful behaviour such as invasive data collection and practices that lock in customers and limit their choices. Reuters
U.S. officials fear G42 could be a conduit by which advanced American technology is siphoned to Chinese companies or the government. The intelligence reports have also warned that G42’s dealings with Chinese firms could be a pipeline to get the genetic data of millions of Americans and others into the hands of the Chinese government, according to two officials familiar with the reports. The New York Times
ASPI
Australia’s new cybersecurity strategy tackles the tough issues
The Strategist
Mike Bareja, Alexandra Caples
The cybersecurity strategy released last week by the Albanese government is about collaboration and communication, not about conjuring our worst national-security nightmares. It’s focused on industry and consumers. The government, industry and citizens must work together with trust for Australia to make real changes in our cybersecurity, and this strategy recognises that. One of Cyber Security Minister Clare O’Neil’s objectives seems to be humanising cyber and making it appealing and accessible to everyday Australians.
Australia
Australian regulator calls for new competition laws for digital platforms
Reuters
Ayushman Ojha, John Biju
Australia's competition watchdog said on Monday new competition laws were required in response to the rapid expansion of digital platforms such as Amazon, Apple, Google, Meta, and Microsoft in the country. The Australian Competition and Consumer Commission in its latest report for the Digital Platform Services Inquiry raised concerns that the expansion of these platforms has increased the risk of them engaging in harmful behaviour such as invasive data collection and practices that lock in customers and limit their choices.
AFP involved in shutdown of alleged myGov phishing kit supplier
iTnews
Ry Crozier
A joint operation by Australian, Malaysian and US authorities has led to eight arrests over alleged “phishing kits” that could be used to target online government services sites, including myGov.
‘Serious breach’: social media platform X booted from Australia’s misinformation code
The Guardian
Josh Taylor
X has been kicked out of Australia’s voluntary misinformation and disinformation code, after failing to respond to a complaint about shutting down channels for users to report misinformation, during the voice to parliament referendum.
China
China is ‘cultivating’ western influencers to peddle propaganda
India Today
Subham Tiwari
Facing global criticism for its authoritarian regime, oppression, treatment of ethnic minorities, and aggressive behaviour towards neighbours, the regime of President XI Jinping has “cultivated” a large pool of foreign influencers and content creators who peddle the Communist Party of China’s (CCP) online propaganda, counter-narratives, and sell the China dream.
USA
Inside U.S. efforts to untangle an A.I. giant’s ties to China
The New York Times
Mark Mazzetti, Edward Wong
But in classified American intelligence channels, there have been more concerning reports about the company. The C.I.A. and other American spy agencies have issued warnings about G42’s work with large Chinese companies that U.S. officials consider security threats, including Huawei, the telecommunications giant that is under U.S. sanctions. U.S. officials fear G42 could be a conduit by which advanced American technology is siphoned to Chinese companies or the government. The intelligence reports have also warned that G42’s dealings with Chinese firms could be a pipeline to get the genetic data of millions of Americans and others into the hands of the Chinese government, according to two officials familiar with the reports.
In 2024, Republican EV attacks may fall short as swing states reap investment
Reuters
Gram Slattery, Nichola Groom
Electric vehicles are a "hoax," they do not work, and they are strengthening China's economy at the expense of American jobs. Those are among the criticisms that contenders for the 2024 Republican presidential nomination, including former President Donald Trump and Florida Governor Ron DeSantis, have leveled on the campaign trail in recent weeks.
California’s privacy watchdog eyes AI rules with opt-out and access rights
TechCrunch
Natasha Lomas
California’s Privacy Protection Agency is preparing for its next trick: Putting guardrails on AI. The state privacy regulator, which has an important role in setting rules of the road for digital giants given how much of Big Tech is headquartered on its sun-kissed soil, has today published draft regulations for how people’s data can be used for what it refers to as automated decisionmaking technology.
North Asia
South Korea welcomes new rules easing chip tool shipments to China
Nikkei Asia
Stevem Borowiec
New U.S. trade rules that will let major South Korean companies keep producing semiconductors in China are a "very, very significant measure" for business, Ahn Duk-geun, South Korean minister for trade, told Nikkei Asia in an interview.
Taiwan: Three-way presidential race to bring China tensions, cyber risks
Stratfor
China's disinformation and hacking operations against Taiwan will escalate from now until Jan. 13 as Beijing tries to shrink Lai's lead over Hou, China's preferred candidate.
Southeast Asia
The US wants Vietnam to be its new tech best friend
WIRED
Will Knight, Trang Bui
As tensions between the US and China over technology and national security have grown, so has the pressure on the US to diversify. Last month, the Biden administration tightened its chip sanctions on China still further. Yet although Vietnam’s government and industries are enthusiastic about working more closely with the US, supply chain experts in both Washington and Hanoi warn that it can’t replace China’s tech manufacturing scale and skills any time soon.
Ukraine - Russia
Ukraine claims cyber operation against Russian aviation agency
The Record from Recorded Future News
Daryna Antoniuk
Ukraine's defense intelligence directorate has claimed it carried out a successful cyber operation against Russian government’s civil aviation agency, also known as Rosaviatsia.
Europe
X has become a ‘Global Sewer,’ Mayor of Paris says
The New York Times
Liz Alderman
Anne Hidalgo, the mayor of Paris, announced Monday on X, formerly Twitter, that she was quitting the social media site because it had devolved into a “gigantic global sewer” for disinformation, hatred, anti-Semitism and racism, and a “tool for destroying our democracies.”
UK
Children making AI-generated child abuse images, says charity
BBC
Tom Gerken, Joe Tidy
Children are making indecent images of other children using artificial intelligence image generators, according to a UK charity. The UK Safer Internet Centre said it had received "a small number of reports" from schools but called for action now before the problem grew.
Middle East
Shadowy hacking group targeting Israel shows outsized capabilities
CyberScoop
AJ Vicens
A hacking campaign displaying what researchers say is some of the most advanced publicly known tradecraft targeting Israel in recent years is showing signs of active development and evolution, a troubling development that has so far blended into the noise of near constant cyber operations targeting Israel.
Israel tells Elon Musk Starlink can only operate in Gaza with its approval
Financial Times
Chloe Cornish
Israel has told Elon Musk his Starlink satellite network will only be allowed to operate in Gaza with its approval, as the entrepreneur met the country’s leaders amid a furore over alleged antisemitism on his social platform X.
Focus: New crypto front emerges in Israel's militant financing fight
Reuters
Tom Wilson, Elizabeth Howcroft
A new front has emerged in Israel's fight against the funding of Iran-backed militant groups from Hamas to Hezbollah: A fast-growing crypto network called Tron. Quicker and cheaper than its larger rival Bitcoin, Tron has overtaken its rival as a platform for crypto transfers associated with groups designated as terror organizations by Israel, the United States and other countries, according to interviews with seven financial crime experts and blockchain investigations specialists.
Big Tech
Instagram’s algorithm delivers toxic video mix to adults who follow children
The Wall Street Journal
Jeff Horwitz, Katherine Blunt
Instagram’s Reels video service is designed to show users streams of short videos on topics the system decides will interest them, such as sports, fashion or humor. The Meta Platforms-owned social app does the same thing for users its algorithm decides might have a prurient interest in children, testing by The Wall Street Journal showed.
ByteDance fires hundreds, slashes games arm in major retreat
Bloomberg
Zheping Huang, Dong Cao
ByteDance Ltd. plans to cut hundreds of jobs in gaming and wind down its showpiece brand Nuverse in a major withdrawal from the sector, handing a victory to rival Tencent Holdings Ltd.
OpenAI’s Chief Scientist made a tragic miscalculation
The Atlantic
Ross Andersen
Until recently, to the extent that Sutskever was known at all, it was as a brilliant artificial-intelligence researcher. He was the star student who helped Geoffrey Hinton, one of the “godfathers of AI,” kick off the so-called deep-learning revolution. On Thursday night, Sutskever set an extraordinary sequence of events into motion. Sutskever took on the role of Brutus, informing Altman that he was being fired.
Artificial Intelligence
DHS CISA and UK NCSC release joint guidelines for secure AI system development
Cybersecurity and Infrastructure Security Agency
Taking a significant step forward in addressing the intersection of artificial intelligence and cybersecurity, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the United Kingdom’s National Cyber Security Centre today jointly released Guidelines for Secure AI System Development to help developers of any systems that use AI make informed cybersecurity decisions at every stage of the development process. The guidelines were formulated in cooperation with 21 other agencies and ministries from across the world – including all members of the Group of 7 major industrial economies -- and are the first of their kind to be agreed to globally.
Guidelines for secure AI system development
UK National Cyber Security Centre
This document recommends guidelines for providers of any systems that use artificial intelligence, whether those systems have been created from scratch or built on top of tools and services provided by others. Implementing these guidelines will help providers build AI systems that function as intended, are available when needed, and work without revealing sensitive data to unauthorised parties.18 nations push for global ‘secure by design’ AI development
Silicon Republic
Leigh McGowran
Tech giants such as Microsoft, Google and IBM all contributed to the guidelines, which focus on keeping AI systems secure as the sector continues to grow rapidly. A consortium of various national cybersecurity organisations have released guidelines to support the secure development of AI systems.
Misc
Plex users fear new feature will leak porn habits to their friends and family
404 Media
Jason Koebler
Many Plex users were alarmed when they got a “week in review” email last week that showed them what they and their friends had watched on the popular media server software. Some users are saying that their friends’ softcore porn habits are being revealed to them with the feature, while others are horrified by the potentially invasive nature feature more broadly.
The envy office: Can Instagrammable design lure young workers back?
The New York Times
Emma Goldberg, Anna Kodé
It’s a cycle that American workers have seen before: When working norms change, the design of the office goes with them. In fact, in a survey of some 14,000 workers around the globe conducted by Gensler last year, nearly 40 percent said their employers redesigned their offices during the pandemic.
How your child’s online mistake can ruin your digital life
The New York Times
Kashmir Hill
Google-owned YouTube has A.I.-powered systems that review the hundreds of hours of video that are uploaded to the service every minute. The scanning process can sometimes go awry and tar innocent individuals as child abusers. The New York Times has documented other episodes in which parents’ digital lives were upended by naked photos and videos of their children that Google’s A.I. systems flagged and that human reviewers determined to be illicit. Some parents have been investigated by the police as a result.
Research
AnyDream: Secretive AI platform broke stripe rules to rake in money from nonconsensual pornographic deepfakes
Bellingcat
Kolina Koltai
A US artificial intelligence company surreptitiously collected money for a service that can create nonconsensual pornographic deepfakes using financial services company Stripe, which bans processing payments for adult material, an investigation by Bellingcat can reveal.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.